Major Incidents or Breaches

  • Discord disclosed a data breach resulting from the compromise of a third-party customer service provider. Attackers accessed support tickets containing partial payment information and personally identifiable information (PII), including names and government-issued IDs of some users.

Newly Discovered Vulnerabilities

  • Security researchers detailed a new attack technique named CometJacking, which targets Perplexity’s Comet AI browser. The attack involves embedding malicious prompts within links, potentially allowing threat actors to exfiltrate user data through a single click.

Notable Threat Actor Activity

  • Multiple sources reported a significant increase—up to 500%—in scanning activity targeting Palo Alto Networks login portals. The spike in scans indicates coordinated reconnaissance efforts by suspicious IP addresses, suggesting potential exploitation attempts or preparation for future attacks.

Regulatory or Policy Developments Affecting the Security Industry

  • Apple and Google removed ICE-tracking apps from their platforms following pressure from the US Department of Justice. This action demonstrates ongoing regulatory influence over app availability and content moderation on major digital platforms.